1 /* $NetBSD: crypto.c,v 1.1.1.6 2016/05/01 15:57:23 christos Exp $ */ 2 3 #include "config.h" 4 #include "unity.h" 5 #include "ntp_types.h" 6 7 #include "sntptest.h" 8 #include "crypto.h" 9 10 #define MD5_LENGTH 16 11 #define SHA1_LENGTH 20 12 13 14 void test_MakeMd5Mac(void); 15 void test_MakeSHA1Mac(void); 16 void test_VerifyCorrectMD5(void); 17 void test_VerifySHA1(void); 18 void test_VerifyFailure(void); 19 void test_PacketSizeNotMultipleOfFourBytes(void); 20 21 22 void 23 test_MakeMd5Mac(void) 24 { 25 const char* PKT_DATA = "abcdefgh0123"; 26 const int PKT_LEN = strlen(PKT_DATA); 27 const char* EXPECTED_DIGEST = 28 "\x52\x6c\xb8\x38\xaf\x06\x5a\xfb\x6c\x98\xbb\xc0\x9b\x0a\x7a\x1b"; 29 char actual[MD5_LENGTH]; 30 31 struct key md5; 32 md5.next = NULL; 33 md5.key_id = 10; 34 md5.key_len = 6; 35 memcpy(&md5.key_seq, "md5seq", md5.key_len); 36 memcpy(&md5.type, "MD5", 4); 37 38 TEST_ASSERT_EQUAL(MD5_LENGTH, 39 make_mac(PKT_DATA, PKT_LEN, MD5_LENGTH, &md5, actual)); 40 41 TEST_ASSERT_TRUE(memcmp(EXPECTED_DIGEST, actual, MD5_LENGTH) == 0); 42 } 43 44 45 void 46 test_MakeSHA1Mac(void) 47 { 48 #ifdef OPENSSL 49 50 const char* PKT_DATA = "abcdefgh0123"; 51 const int PKT_LEN = strlen(PKT_DATA); 52 const char* EXPECTED_DIGEST = 53 "\x17\xaa\x82\x97\xc7\x17\x13\x6a\x9b\xa9" 54 "\x63\x85\xb4\xce\xbe\x94\xa0\x97\x16\x1d"; 55 char actual[SHA1_LENGTH]; 56 57 struct key sha1; 58 sha1.next = NULL; 59 sha1.key_id = 20; 60 sha1.key_len = 7; 61 memcpy(&sha1.key_seq, "sha1seq", sha1.key_len); 62 memcpy(&sha1.type, "SHA1", 5); 63 64 TEST_ASSERT_EQUAL(SHA1_LENGTH, 65 make_mac(PKT_DATA, PKT_LEN, SHA1_LENGTH, &sha1, actual)); 66 67 TEST_ASSERT_EQUAL_MEMORY(EXPECTED_DIGEST, actual, SHA1_LENGTH); 68 69 #else 70 71 TEST_IGNORE_MESSAGE("OpenSSL not found, skipping..."); 72 73 #endif /* OPENSSL */ 74 } 75 76 77 void 78 test_VerifyCorrectMD5(void) 79 { 80 const char* PKT_DATA = 81 "sometestdata" /* Data */ 82 "\0\0\0\0" /* Key-ID (unused) */ 83 "\xc7\x58\x99\xdd\x99\x32\x0f\x71" /* MAC */ 84 "\x2b\x7b\xfe\x4f\xa2\x32\xcf\xac"; 85 const int PKT_LEN = 12; 86 87 struct key md5; 88 md5.next = NULL; 89 md5.key_id = 0; 90 md5.key_len = 6; 91 memcpy(&md5.key_seq, "md5key", md5.key_len); 92 memcpy(&md5.type, "MD5", 4); 93 94 TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, MD5_LENGTH, &md5)); 95 } 96 97 98 void 99 test_VerifySHA1(void) 100 { 101 #ifdef OPENSSL 102 103 const char* PKT_DATA = 104 "sometestdata" /* Data */ 105 "\0\0\0\0" /* Key-ID (unused) */ 106 "\xad\x07\xde\x36\x39\xa6\x77\xfa\x5b\xce" /* MAC */ 107 "\x2d\x8a\x7d\x06\x96\xe6\x0c\xbc\xed\xe1"; 108 const int PKT_LEN = 12; 109 110 struct key sha1; 111 sha1.next = NULL; 112 sha1.key_id = 0; 113 sha1.key_len = 7; 114 memcpy(&sha1.key_seq, "sha1key", sha1.key_len); 115 memcpy(&sha1.type, "SHA1", 5); 116 117 TEST_ASSERT_TRUE(auth_md5(PKT_DATA, PKT_LEN, SHA1_LENGTH, &sha1)); 118 119 #else 120 121 TEST_IGNORE_MESSAGE("OpenSSL not found, skipping..."); 122 123 #endif /* OPENSSL */ 124 } 125 126 void 127 test_VerifyFailure(void) 128 { 129 /* We use a copy of the MD5 verification code, but modify the 130 * last bit to make sure verification fails. 131 */ 132 const char* PKT_DATA = 133 "sometestdata" /* Data */ 134 "\0\0\0\0" /* Key-ID (unused) */ 135 "\xc7\x58\x99\xdd\x99\x32\x0f\x71" /* MAC */ 136 "\x2b\x7b\xfe\x4f\xa2\x32\xcf\x00"; /* Last byte is wrong! */ 137 const int PKT_LEN = 12; 138 139 struct key md5; 140 md5.next = NULL; 141 md5.key_id = 0; 142 md5.key_len = 6; 143 memcpy(&md5.key_seq, "md5key", md5.key_len); 144 memcpy(&md5.type, "MD5", 4); 145 146 TEST_ASSERT_FALSE(auth_md5(PKT_DATA, PKT_LEN, MD5_LENGTH, &md5)); 147 } 148 149 150 void 151 test_PacketSizeNotMultipleOfFourBytes(void) 152 { 153 const char* PKT_DATA = "123456"; 154 const int PKT_LEN = 6; 155 char actual[MD5_LENGTH]; 156 157 struct key md5; 158 md5.next = NULL; 159 md5.key_id = 10; 160 md5.key_len = 6; 161 memcpy(&md5.key_seq, "md5seq", md5.key_len); 162 memcpy(&md5.type, "MD5", 4); 163 164 TEST_ASSERT_EQUAL(0, make_mac(PKT_DATA, PKT_LEN, MD5_LENGTH, &md5, actual)); 165 } 166